Lucene search
China National Vulnerability DatabaseCNVD-2022-87017HistoryNov 23, 2022 - 12:00 a.m.
WordPress WP User Frontend authorization issue vulnerability
2022-11-2300:00:00
China National Vulnerability Database
www.cnvd.org.cn
8
wordpress
user frontend
authorization
vulnerability
privilege management
attackers
arbitrary roles
security issue
0.003 Low
EPSS
Percentile
68.8%
WP User Frontend is a user frontend posting and contribution plugin for wordpress. WordPress WP User Frontend versions prior to 3.5.29 are vulnerable to authorization issues. The vulnerability stems from improper privilege management and can be exploited by attackers to create accounts with arbitrary roles.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress wp user frontend plugin | lt | 3.5.29 |
Related
cve
cve
CVE-2021-24649
2022-11-21 11:15:12
prion
prion
Design/Logic Flaw
2022-11-21 11:15:00
wpexploit
wpexploit
WP User Frontend < 3.5.29 - Obscure Registration as Admin
2022-10-31 00:00:00
nvd
nvd
CVE-2021-24649
2022-11-21 11:15:12
patchstack
patchstack
cvelist
cvelist
CVE-2021-24649 WP User Frontend < 3.5.29 - Obscure Registration as Admin
2022-11-21 00:00:00
wpvulndb
wpvulndb
WP User Frontend < 3.5.29 - Obscure Registration as Admin
2022-10-31 00:00:00